SimpleMachines /
SMF2.1
@@ -302,7 +302,6 @@ discard block |
||
| 302 | 302 | $condition = 'id_member IN ({array_int:members})'; |
| 303 | 303 | $parameters['members'] = $members; |
| 304 | 304 | } |
| 305 | - |
|
| 306 | 305 | elseif ($members === null) |
| 307 | 306 | $condition = '1=1'; |
| 308 | 307 | |
@@ -1739,7 +1738,7 @@ discard block |
||
| 1739 | 1738 | 'before' => '<span style="text-shadow: $1 $2">', |
| 1740 | 1739 | 'after' => '</span>', |
| 1741 | 1740 | 'validate' => function(&$tag, &$data, $disabled) |
| 1742 | - { |
|
| 1741 | + { |
|
| 1743 | 1742 | |
| 1744 | 1743 | if ($data[1] == 'top' || (is_numeric($data[1]) && $data[1] < 50)) |
| 1745 | 1744 | $data[1] = '0 -2px 1px'; |
@@ -1901,7 +1900,8 @@ discard block |
||
| 1901 | 1900 | { |
| 1902 | 1901 | if (isset($temp_bbc)) |
| 1903 | 1902 | $bbc_codes = $temp_bbc; |
| 1904 | - usort($codes, function ($a, $b) { |
|
| 1903 | + usort($codes, function ($a, $b) |
|
| 1904 | + { |
|
| 1905 | 1905 | return strcmp($a['tag'], $b['tag']); |
| 1906 | 1906 | }); |
| 1907 | 1907 | return $codes; |
@@ -2185,7 +2185,8 @@ discard block |
||
| 2185 | 2185 | )? |
| 2186 | 2186 | '; |
| 2187 | 2187 | |
| 2188 | - $data = preg_replace_callback('~' . $url_regex . '~xi' . ($context['utf8'] ? 'u' : ''), function ($matches) { |
|
| 2188 | + $data = preg_replace_callback('~' . $url_regex . '~xi' . ($context['utf8'] ? 'u' : ''), function ($matches) |
|
| 2189 | + { |
|
| 2189 | 2190 | $url = array_shift($matches); |
| 2190 | 2191 | |
| 2191 | 2192 | // If this isn't a clean URL, bail out |
@@ -2274,7 +2275,9 @@ discard block |
||
| 2274 | 2275 | $look_for = strtolower(substr($message, $pos + 2, $pos2 - $pos - 2)); |
| 2275 | 2276 | |
| 2276 | 2277 | // A closing tag that doesn't match any open tags? Skip it. |
| 2277 | - if (!in_array($look_for, array_map(function($code){return $code['tag'];}, $open_tags))) |
|
| 2278 | + if (!in_array($look_for, array_map(function($code) |
|
| 2279 | + { |
|
| 2280 | +return $code['tag'];}, $open_tags))) |
|
| 2278 | 2281 | continue; |
| 2279 | 2282 | |
| 2280 | 2283 | $to_close = array(); |
@@ -3759,7 +3762,6 @@ discard block |
||
| 3759 | 3762 | if (!isset($minSeed) && isset($js_file['options']['seed'])) |
| 3760 | 3763 | $minSeed = $js_file['options']['seed']; |
| 3761 | 3764 | } |
| 3762 | - |
|
| 3763 | 3765 | else |
| 3764 | 3766 | echo ' |
| 3765 | 3767 | <script src="', $js_file['fileUrl'], '"', !empty($js_file['options']['async']) ? ' async' : '', !empty($js_file['options']['defer']) ? ' defer' : '', '></script>'; |
@@ -3909,7 +3911,9 @@ discard block |
||
| 3909 | 3911 | return $data; |
| 3910 | 3912 | |
| 3911 | 3913 | // Different pages include different files, so we use a hash to label the different combinations |
| 3912 | - $hash = md5(implode(' ', array_map(function($file) { return $file['filePath'] . (int) @filesize($file['filePath']) . (int) @filemtime($file['filePath']); }, $data))); |
|
| 3914 | + $hash = md5(implode(' ', array_map(function($file) |
|
| 3915 | + { |
|
| 3916 | +return $file['filePath'] . (int) @filesize($file['filePath']) . (int) @filemtime($file['filePath']); }, $data))); |
|
| 3913 | 3917 | |
| 3914 | 3918 | // Is this a deferred or asynchonous JavaScript file? |
| 3915 | 3919 | $async = $type === 'js'; |
@@ -5910,7 +5914,6 @@ discard block |
||
| 5910 | 5914 | $isWritable = true; |
| 5911 | 5915 | break; |
| 5912 | 5916 | } |
| 5913 | - |
|
| 5914 | 5917 | else |
| 5915 | 5918 | @chmod($file, $val); |
| 5916 | 5919 | } |
@@ -6080,7 +6083,8 @@ discard block |
||
| 6080 | 6083 | if (!empty($tlds)) |
| 6081 | 6084 | { |
| 6082 | 6085 | // Clean $tlds and convert it to an array |
| 6083 | - $tlds = array_filter(explode("\n", strtolower($tlds)), function($line) { |
|
| 6086 | + $tlds = array_filter(explode("\n", strtolower($tlds)), function($line) |
|
| 6087 | + { |
|
| 6084 | 6088 | $line = trim($line); |
| 6085 | 6089 | if (empty($line) || strpos($line, '#') !== false || strpos($line, ' ') !== false) |
| 6086 | 6090 | return false; |
@@ -6091,7 +6095,9 @@ discard block |
||
| 6091 | 6095 | // Convert Punycode to Unicode |
| 6092 | 6096 | require_once($sourcedir . '/Class-Punycode.php'); |
| 6093 | 6097 | $Punycode = new Punycode(); |
| 6094 | - $tlds = array_map(function ($input) use ($Punycode) { return $Punycode->decode($input); }, $tlds); |
|
| 6098 | + $tlds = array_map(function ($input) use ($Punycode) |
|
| 6099 | + { |
|
| 6100 | +return $Punycode->decode($input); }, $tlds); |
|
| 6095 | 6101 | } |
| 6096 | 6102 | // Otherwise, use the 2012 list of gTLDs and ccTLDs for now and schedule a background update |
| 6097 | 6103 | else |
@@ -6258,7 +6264,8 @@ discard block |
||
| 6258 | 6264 | } |
| 6259 | 6265 | |
| 6260 | 6266 | // Sort by key length and then alphabetically |
| 6261 | - uksort($regex, function($k1, $k2) use (&$strlen) { |
|
| 6267 | + uksort($regex, function($k1, $k2) use (&$strlen) |
|
| 6268 | + { |
|
| 6262 | 6269 | $l1 = $strlen($k1); |
| 6263 | 6270 | $l2 = $strlen($k2); |
| 6264 | 6271 | |
@@ -6512,7 +6519,8 @@ discard block |
||
| 6512 | 6519 | function sanitize_iri($iri) |
| 6513 | 6520 | { |
| 6514 | 6521 | // Encode any non-ASCII characters (but not space or control characters of any sort) |
| 6515 | - $iri = preg_replace_callback('~[^\x00-\x7F\pZ\pC]~u', function ($matches) { |
|
| 6522 | + $iri = preg_replace_callback('~[^\x00-\x7F\pZ\pC]~u', function ($matches) |
|
| 6523 | + { |
|
| 6516 | 6524 | return rawurlencode($matches[0]); |
| 6517 | 6525 | }, $iri); |
| 6518 | 6526 | |
@@ -64,7 +64,8 @@ discard block |
||
| 64 | 64 | { |
| 65 | 65 | $this->buildLookup(); |
| 66 | 66 | |
| 67 | - if ($initKey !== null) { |
|
| 67 | + if ($initKey !== null) |
|
| 68 | + { |
|
| 68 | 69 | $this->setInitKey($initKey); |
| 69 | 70 | } |
| 70 | 71 | } |
@@ -98,7 +99,8 @@ discard block |
||
| 98 | 99 | */ |
| 99 | 100 | public function setRange($range) |
| 100 | 101 | { |
| 101 | - if (!is_numeric($range)) { |
|
| 102 | + if (!is_numeric($range)) |
|
| 103 | + { |
|
| 102 | 104 | throw new \InvalidArgumentException('Invalid window range'); |
| 103 | 105 | } |
| 104 | 106 | $this->range = $range; |
@@ -114,7 +116,8 @@ discard block |
||
| 114 | 116 | */ |
| 115 | 117 | public function setInitKey($key) |
| 116 | 118 | { |
| 117 | - if (preg_match('/^[' . implode('', array_keys($this->getLookup())) . ']+$/', $key) == false) { |
|
| 119 | + if (preg_match('/^[' . implode('', array_keys($this->getLookup())) . ']+$/', $key) == false) |
|
| 120 | + { |
|
| 118 | 121 | throw new \InvalidArgumentException('Invalid base32 hash!'); |
| 119 | 122 | } |
| 120 | 123 | $this->initKey = $key; |
@@ -140,7 +143,8 @@ discard block |
||
| 140 | 143 | */ |
| 141 | 144 | public function setLookup($lookup) |
| 142 | 145 | { |
| 143 | - if (!is_array($lookup)) { |
|
| 146 | + if (!is_array($lookup)) |
|
| 147 | + { |
|
| 144 | 148 | throw new \InvalidArgumentException('Lookup value must be an array'); |
| 145 | 149 | } |
| 146 | 150 | $this->lookup = $lookup; |
@@ -176,7 +180,8 @@ discard block |
||
| 176 | 180 | */ |
| 177 | 181 | public function setRefresh($seconds) |
| 178 | 182 | { |
| 179 | - if (!is_numeric($seconds)) { |
|
| 183 | + if (!is_numeric($seconds)) |
|
| 184 | + { |
|
| 180 | 185 | throw new \InvalidArgumentException('Seconds must be numeric'); |
| 181 | 186 | } |
| 182 | 187 | $this->refreshSeconds = $seconds; |
@@ -217,7 +222,8 @@ discard block |
||
| 217 | 222 | */ |
| 218 | 223 | public function validateCode($code, $initKey = null, $timestamp = null, $range = null) |
| 219 | 224 | { |
| 220 | - if (strlen($code) !== $this->getCodeLength()) { |
|
| 225 | + if (strlen($code) !== $this->getCodeLength()) |
|
| 226 | + { |
|
| 221 | 227 | throw new \InvalidArgumentException('Incorrect code length'); |
| 222 | 228 | } |
| 223 | 229 | |
@@ -227,8 +233,10 @@ discard block |
||
| 227 | 233 | |
| 228 | 234 | $binary = $this->base32_decode($initKey); |
| 229 | 235 | |
| 230 | - for ($time = ($timestamp - $range); $time <= ($timestamp + $range); $time++) { |
|
| 231 | - if ($this->generateOneTime($binary, $time) == $code) { |
|
| 236 | + for ($time = ($timestamp - $range); $time <= ($timestamp + $range); $time++) |
|
| 237 | + { |
|
| 238 | + if ($this->generateOneTime($binary, $time) == $code) |
|
| 239 | + { |
|
| 232 | 240 | return true; |
| 233 | 241 | } |
| 234 | 242 | } |
@@ -269,7 +277,8 @@ discard block |
||
| 269 | 277 | $lookup = implode('', array_keys($this->getLookup())); |
| 270 | 278 | $code = ''; |
| 271 | 279 | |
| 272 | - for ($i = 0; $i < $length; $i++) { |
|
| 280 | + for ($i = 0; $i < $length; $i++) |
|
| 281 | + { |
|
| 273 | 282 | $code .= $lookup[$smcFunc['random_int'](0, strlen($lookup) - 1)]; |
| 274 | 283 | } |
| 275 | 284 | |
@@ -315,7 +324,8 @@ discard block |
||
| 315 | 324 | { |
| 316 | 325 | $lookup = $this->getLookup(); |
| 317 | 326 | |
| 318 | - if (preg_match('/^[' . implode('', array_keys($lookup)) . ']+$/', $hash) == false) { |
|
| 327 | + if (preg_match('/^[' . implode('', array_keys($lookup)) . ']+$/', $hash) == false) |
|
| 328 | + { |
|
| 319 | 329 | throw new \InvalidArgumentException('Invalid base32 hash!'); |
| 320 | 330 | } |
| 321 | 331 | |
@@ -324,12 +334,14 @@ discard block |
||
| 324 | 334 | $length = 0; |
| 325 | 335 | $binary = ''; |
| 326 | 336 | |
| 327 | - for ($i = 0; $i < strlen($hash); $i++) { |
|
| 337 | + for ($i = 0; $i < strlen($hash); $i++) |
|
| 338 | + { |
|
| 328 | 339 | $buffer = $buffer << 5; |
| 329 | 340 | $buffer += $lookup[$hash[$i]]; |
| 330 | 341 | $length += 5; |
| 331 | 342 | |
| 332 | - if ($length >= 8) { |
|
| 343 | + if ($length >= 8) |
|
| 344 | + { |
|
| 333 | 345 | $length -= 8; |
| 334 | 346 | $binary .= chr(($buffer & (0xFF << $length)) >> $length); |
| 335 | 347 | } |
@@ -18,7 +18,8 @@ discard block |
||
| 18 | 18 | |
| 19 | 19 | namespace { |
| 20 | 20 | |
| 21 | - if (!defined('PASSWORD_DEFAULT')) { |
|
| 21 | + if (!defined('PASSWORD_DEFAULT')) |
|
| 22 | + { |
|
| 22 | 23 | |
| 23 | 24 | define('PASSWORD_BCRYPT', 1); |
| 24 | 25 | define('PASSWORD_DEFAULT', PASSWORD_BCRYPT); |
@@ -34,31 +35,39 @@ discard block |
||
| 34 | 35 | * |
| 35 | 36 | * @return string|false The hashed password, or false on error. |
| 36 | 37 | */ |
| 37 | - function password_hash($password, $algo, array $options = array()) { |
|
| 38 | + function password_hash($password, $algo, array $options = array()) |
|
| 39 | + { |
|
| 38 | 40 | global $smcFunc; |
| 39 | 41 | |
| 40 | - if (!function_exists('crypt')) { |
|
| 42 | + if (!function_exists('crypt')) |
|
| 43 | + { |
|
| 41 | 44 | trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING); |
| 42 | 45 | return null; |
| 43 | 46 | } |
| 44 | - if (!is_string($password)) { |
|
| 47 | + if (!is_string($password)) |
|
| 48 | + { |
|
| 45 | 49 | trigger_error("password_hash(): Password must be a string", E_USER_WARNING); |
| 46 | 50 | return null; |
| 47 | 51 | } |
| 48 | - if (!is_int($algo)) { |
|
| 52 | + if (!is_int($algo)) |
|
| 53 | + { |
|
| 49 | 54 | trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING); |
| 50 | 55 | return null; |
| 51 | 56 | } |
| 52 | - if (PasswordCompat\binary\_strlen($password) > 72) { |
|
| 57 | + if (PasswordCompat\binary\_strlen($password) > 72) |
|
| 58 | + { |
|
| 53 | 59 | $password = PasswordCompat\binary\_substr($password, 0, 72); |
| 54 | 60 | } |
| 55 | - switch ($algo) { |
|
| 61 | + switch ($algo) |
|
| 62 | + { |
|
| 56 | 63 | case PASSWORD_BCRYPT: |
| 57 | 64 | // Note that this is a C constant, but not exposed to PHP, so we don't define it here. |
| 58 | 65 | $cost = 10; |
| 59 | - if (isset($options['cost'])) { |
|
| 66 | + if (isset($options['cost'])) |
|
| 67 | + { |
|
| 60 | 68 | $cost = $options['cost']; |
| 61 | - if ($cost < 4 || $cost > 31) { |
|
| 69 | + if ($cost < 4 || $cost > 31) |
|
| 70 | + { |
|
| 62 | 71 | trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING); |
| 63 | 72 | return null; |
| 64 | 73 | } |
@@ -76,8 +85,10 @@ discard block |
||
| 76 | 85 | return null; |
| 77 | 86 | } |
| 78 | 87 | $salt_requires_encoding = false; |
| 79 | - if (isset($options['salt'])) { |
|
| 80 | - switch (gettype($options['salt'])) { |
|
| 88 | + if (isset($options['salt'])) |
|
| 89 | + { |
|
| 90 | + switch (gettype($options['salt'])) |
|
| 91 | + { |
|
| 81 | 92 | case 'NULL': |
| 82 | 93 | case 'boolean': |
| 83 | 94 | case 'integer': |
@@ -86,7 +97,8 @@ discard block |
||
| 86 | 97 | $salt = (string) $options['salt']; |
| 87 | 98 | break; |
| 88 | 99 | case 'object': |
| 89 | - if (method_exists($options['salt'], '__tostring')) { |
|
| 100 | + if (method_exists($options['salt'], '__tostring')) |
|
| 101 | + { |
|
| 90 | 102 | $salt = (string) $options['salt']; |
| 91 | 103 | break; |
| 92 | 104 | } |
@@ -96,51 +108,70 @@ discard block |
||
| 96 | 108 | trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING); |
| 97 | 109 | return null; |
| 98 | 110 | } |
| 99 | - if (PasswordCompat\binary\_strlen($salt) < $required_salt_len) { |
|
| 111 | + if (PasswordCompat\binary\_strlen($salt) < $required_salt_len) |
|
| 112 | + { |
|
| 100 | 113 | trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", PasswordCompat\binary\_strlen($salt), $required_salt_len), E_USER_WARNING); |
| 101 | 114 | return null; |
| 102 | - } elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) { |
|
| 115 | + } |
|
| 116 | + elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) |
|
| 117 | + { |
|
| 103 | 118 | $salt_requires_encoding = true; |
| 104 | 119 | } |
| 105 | - } else { |
|
| 120 | + } |
|
| 121 | + else |
|
| 122 | + { |
|
| 106 | 123 | $buffer = ''; |
| 107 | 124 | $buffer_valid = false; |
| 108 | - if (function_exists('random_bytes')) { |
|
| 125 | + if (function_exists('random_bytes')) |
|
| 126 | + { |
|
| 109 | 127 | $buffer = random_bytes($raw_salt_len); |
| 110 | - if ($buffer) { |
|
| 128 | + if ($buffer) |
|
| 129 | + { |
|
| 111 | 130 | $buffer_valid = true; |
| 112 | 131 | } |
| 113 | 132 | } |
| 114 | - if (!$buffer_valid && function_exists('mcrypt_create_iv') && !defined('PHALANGER')) { |
|
| 133 | + if (!$buffer_valid && function_exists('mcrypt_create_iv') && !defined('PHALANGER')) |
|
| 134 | + { |
|
| 115 | 135 | $buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM); |
| 116 | - if ($buffer) { |
|
| 136 | + if ($buffer) |
|
| 137 | + { |
|
| 117 | 138 | $buffer_valid = true; |
| 118 | 139 | } |
| 119 | 140 | } |
| 120 | - if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) { |
|
| 141 | + if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) |
|
| 142 | + { |
|
| 121 | 143 | $buffer = openssl_random_pseudo_bytes($raw_salt_len); |
| 122 | - if ($buffer) { |
|
| 144 | + if ($buffer) |
|
| 145 | + { |
|
| 123 | 146 | $buffer_valid = true; |
| 124 | 147 | } |
| 125 | 148 | } |
| 126 | - if (!$buffer_valid && @is_readable('/dev/urandom')) { |
|
| 149 | + if (!$buffer_valid && @is_readable('/dev/urandom')) |
|
| 150 | + { |
|
| 127 | 151 | $f = fopen('/dev/urandom', 'r'); |
| 128 | 152 | $read = PasswordCompat\binary\_strlen($buffer); |
| 129 | - while ($read < $raw_salt_len) { |
|
| 153 | + while ($read < $raw_salt_len) |
|
| 154 | + { |
|
| 130 | 155 | $buffer .= fread($f, $raw_salt_len - $read); |
| 131 | 156 | $read = PasswordCompat\binary\_strlen($buffer); |
| 132 | 157 | } |
| 133 | 158 | fclose($f); |
| 134 | - if ($read >= $raw_salt_len) { |
|
| 159 | + if ($read >= $raw_salt_len) |
|
| 160 | + { |
|
| 135 | 161 | $buffer_valid = true; |
| 136 | 162 | } |
| 137 | 163 | } |
| 138 | - if (!$buffer_valid || PasswordCompat\binary\_strlen($buffer) < $raw_salt_len) { |
|
| 164 | + if (!$buffer_valid || PasswordCompat\binary\_strlen($buffer) < $raw_salt_len) |
|
| 165 | + { |
|
| 139 | 166 | $bl = PasswordCompat\binary\_strlen($buffer); |
| 140 | - for ($i = 0; $i < $raw_salt_len; $i++) { |
|
| 141 | - if ($i < $bl) { |
|
| 167 | + for ($i = 0; $i < $raw_salt_len; $i++) |
|
| 168 | + { |
|
| 169 | + if ($i < $bl) |
|
| 170 | + { |
|
| 142 | 171 | $buffer[$i] = $buffer[$i] ^ chr($smcFunc['random_int'](0, 255)); |
| 143 | - } else { |
|
| 172 | + } |
|
| 173 | + else |
|
| 174 | + { |
|
| 144 | 175 | $buffer .= chr($smcFunc['random_int'](0, 255)); |
| 145 | 176 | } |
| 146 | 177 | } |
@@ -148,7 +179,8 @@ discard block |
||
| 148 | 179 | $salt = $buffer; |
| 149 | 180 | $salt_requires_encoding = true; |
| 150 | 181 | } |
| 151 | - if ($salt_requires_encoding) { |
|
| 182 | + if ($salt_requires_encoding) |
|
| 183 | + { |
|
| 152 | 184 | // encode string with the Base64 variant used by crypt |
| 153 | 185 | $base64_digits = |
| 154 | 186 | 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; |
@@ -164,7 +196,8 @@ discard block |
||
| 164 | 196 | |
| 165 | 197 | $ret = crypt($password, $hash); |
| 166 | 198 | |
| 167 | - if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != $resultLength) { |
|
| 199 | + if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != $resultLength) |
|
| 200 | + { |
|
| 168 | 201 | return false; |
| 169 | 202 | } |
| 170 | 203 | |
@@ -187,13 +220,15 @@ discard block |
||
| 187 | 220 | * |
| 188 | 221 | * @return array The array of information about the hash. |
| 189 | 222 | */ |
| 190 | - function password_get_info($hash) { |
|
| 223 | + function password_get_info($hash) |
|
| 224 | + { |
|
| 191 | 225 | $return = array( |
| 192 | 226 | 'algo' => 0, |
| 193 | 227 | 'algoName' => 'unknown', |
| 194 | 228 | 'options' => array(), |
| 195 | 229 | ); |
| 196 | - if (PasswordCompat\binary\_substr($hash, 0, 4) == '$2y$' && PasswordCompat\binary\_strlen($hash) == 60) { |
|
| 230 | + if (PasswordCompat\binary\_substr($hash, 0, 4) == '$2y$' && PasswordCompat\binary\_strlen($hash) == 60) |
|
| 231 | + { |
|
| 197 | 232 | $return['algo'] = PASSWORD_BCRYPT; |
| 198 | 233 | $return['algoName'] = 'bcrypt'; |
| 199 | 234 | list($cost) = sscanf($hash, "$2y$%d$"); |
@@ -213,15 +248,19 @@ discard block |
||
| 213 | 248 | * |
| 214 | 249 | * @return boolean True if the password needs to be rehashed. |
| 215 | 250 | */ |
| 216 | - function password_needs_rehash($hash, $algo, array $options = array()) { |
|
| 251 | + function password_needs_rehash($hash, $algo, array $options = array()) |
|
| 252 | + { |
|
| 217 | 253 | $info = password_get_info($hash); |
| 218 | - if ($info['algo'] != $algo) { |
|
| 254 | + if ($info['algo'] != $algo) |
|
| 255 | + { |
|
| 219 | 256 | return true; |
| 220 | 257 | } |
| 221 | - switch ($algo) { |
|
| 258 | + switch ($algo) |
|
| 259 | + { |
|
| 222 | 260 | case PASSWORD_BCRYPT: |
| 223 | 261 | $cost = isset($options['cost']) ? $options['cost'] : 10; |
| 224 | - if ($cost != $info['options']['cost']) { |
|
| 262 | + if ($cost != $info['options']['cost']) |
|
| 263 | + { |
|
| 225 | 264 | return true; |
| 226 | 265 | } |
| 227 | 266 | break; |
@@ -237,21 +276,26 @@ discard block |
||
| 237 | 276 | * |
| 238 | 277 | * @return boolean If the password matches the hash |
| 239 | 278 | */ |
| 240 | - function password_verify($password, $hash) { |
|
| 241 | - if (!function_exists('crypt')) { |
|
| 279 | + function password_verify($password, $hash) |
|
| 280 | + { |
|
| 281 | + if (!function_exists('crypt')) |
|
| 282 | + { |
|
| 242 | 283 | trigger_error("Crypt must be loaded for password_verify to function", E_USER_WARNING); |
| 243 | 284 | return false; |
| 244 | 285 | } |
| 245 | - if (PasswordCompat\binary\_strlen($password) > 72) { |
|
| 286 | + if (PasswordCompat\binary\_strlen($password) > 72) |
|
| 287 | + { |
|
| 246 | 288 | $password = PasswordCompat\binary\_substr($password, 0, 72); |
| 247 | 289 | } |
| 248 | 290 | $ret = crypt($password, $hash); |
| 249 | - if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != PasswordCompat\binary\_strlen($hash) || PasswordCompat\binary\_strlen($ret) <= 13) { |
|
| 291 | + if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != PasswordCompat\binary\_strlen($hash) || PasswordCompat\binary\_strlen($ret) <= 13) |
|
| 292 | + { |
|
| 250 | 293 | return false; |
| 251 | 294 | } |
| 252 | 295 | |
| 253 | 296 | $status = 0; |
| 254 | - for ($i = 0; $i < PasswordCompat\binary\_strlen($ret); $i++) { |
|
| 297 | + for ($i = 0; $i < PasswordCompat\binary\_strlen($ret); $i++) |
|
| 298 | + { |
|
| 255 | 299 | $status |= (ord($ret[$i]) ^ ord($hash[$i])); |
| 256 | 300 | } |
| 257 | 301 | |
@@ -273,8 +317,10 @@ discard block |
||
| 273 | 317 | * @internal |
| 274 | 318 | * @return int The number of bytes |
| 275 | 319 | */ |
| 276 | - function _strlen($binary_string) { |
|
| 277 | - if (function_exists('mb_strlen')) { |
|
| 320 | + function _strlen($binary_string) |
|
| 321 | + { |
|
| 322 | + if (function_exists('mb_strlen')) |
|
| 323 | + { |
|
| 278 | 324 | return mb_strlen($binary_string, '8bit'); |
| 279 | 325 | } |
| 280 | 326 | return strlen($binary_string); |
@@ -292,8 +338,10 @@ discard block |
||
| 292 | 338 | * @internal |
| 293 | 339 | * @return string The substring |
| 294 | 340 | */ |
| 295 | - function _substr($binary_string, $start, $length) { |
|
| 296 | - if (function_exists('mb_substr')) { |
|
| 341 | + function _substr($binary_string, $start, $length) |
|
| 342 | + { |
|
| 343 | + if (function_exists('mb_substr')) |
|
| 344 | + { |
|
| 297 | 345 | return mb_substr($binary_string, $start, $length, '8bit'); |
| 298 | 346 | } |
| 299 | 347 | return substr($binary_string, $start, $length); |
